27d66 100644
> --- a/arch/powerpc/platforms/pseries/iommu.c
> +++ b/arch/powerpc/platforms/pseries/iommu.c
> @@ -36,7 +36,6 @@
> #include
> #include
> #include
> -#include
> #include
>
> #include "pseries.h"
You still need to keep , otherwise there
Hi Nayna,
Nayna writes:
> On 09/30/2019 09:04 PM, Thiago Jung Bauermann wrote:
>>> diff --git a/arch/powerpc/kernel/ima_arch.c b/arch/powerpc/kernel/ima_arch.c
>>> new file mode 100644
>>> index ..39401b67f19e
>>> --- /dev/null
>>>
s are enforced by the module
subsystem then IMA will verify the signature a second time since there's
no sharing of signature verification results between the module
subsystem and IMA (this was observed by Mimi).
IMHO this is a minor issue, since module loading isn't a hot path and
the duplicate work shouldn't impact anything. But it could be avoided by
having a NULL entry in arch_rules, which arch_get_ima_policy() would
dynamically update with the "appraise func=MODULE_CHECK" rule if
is_module_sig_enforced() is true.
--
Thiago Jung Bauermann
IBM Linux Technology Center
Thiago Jung Bauermann writes:
> Thiago Jung Bauermann writes:
>
>> The ultravisor will do an integrity check of the kernel image but we
>> relocated it so the check will fail. Restore the original image by
>> relocating it back to the kernel virtual base address.
Thiago Jung Bauermann writes:
> The ultravisor will do an integrity check of the kernel image but we
> relocated it so the check will fail. Restore the original image by
> relocating it back to the kernel virtual base address.
>
> This works because during build vmlinux is
.
Fixes: 6a9c930bd775 ("powerpc/prom_init: Add the ESM call to prom_init")
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/elf.h | 3 +++
arch/powerpc/kernel/prom_init.c| 11 +++
arch/powerpc/kernel/prom_init_check.sh | 3 ++-
3 files c
Helge Deller writes:
> On 06.09.19 23:47, Thiago Jung Bauermann wrote:
>> Helge Deller writes:
>>> This kexec patch series is the groundwork for kexec on the parisc
>>> architecture.
>>> Since we want kexec on parisc, I've applied it to my for-next-ke
lf_64.c| 545 +-
>> include/linux/kexec.h | 23 +
>> kernel/Makefile | 1 +
>> .../kexec_elf_64.c => kernel/kexec_elf.c | 394 +++--
>> 6 files changed, 115 insertions(+), 852 deletions(-)
>> copy arch/powerpc/kernel/kexec_elf_64.c => kernel/kexec_elf.c (50%)
--
Thiago Jung Bauermann
IBM Linux Technology Center
Hi Michael,
Michael Ellerman writes:
> Thiago Jung Bauermann writes:
>> Michael Ellerman writes:
>>> On Tue, 2019-08-20 at 02:13:12 UTC, Thiago Jung Bauermann wrote:
>>>> Introduce CONFIG_PPC_SVM to control support for secure guests and include
>>>
Michael Ellerman writes:
> On Tue, 2019-08-06 at 04:49:14 UTC, Thiago Jung Bauermann wrote:
>> powerpc is also going to use this feature, so put it in a generic location.
>>
>> Signed-off-by: Thiago Jung Bauermann
>> Reviewed-by: Thomas Gleixner
>> Reviewed-
Michael Ellerman writes:
> On Tue, 2019-08-20 at 02:13:12 UTC, Thiago Jung Bauermann wrote:
>> Introduce CONFIG_PPC_SVM to control support for secure guests and include
>> Ultravisor-related helpers when it is selected
>>
>> Signed-off-by: Thiago Jung Bauermann
>
el image signed with an
> appended signature and updates the existing test messages
> appropriately.
>
> Reviewed-by: Petr Vorel
> Signed-off-by: Mimi Zohar
Thanks for doing this!
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
Hello Jordan,
Jordan Hand writes:
> On 6/27/19 7:19 PM, Thiago Jung Bauermann wrote:
>> On the OpenPOWER platform, secure boot and trusted boot are being
>> implemented using IMA for taking measurements and verifying signatures.
>> Since the kernel image on Power ser
Thiago Jung Bauermann writes:
>> diff --git a/arch/powerpc/kernel/kexec_elf_64.c b/kernel/kexec_elf.c
>> similarity index 71%
>> copy from arch/powerpc/kernel/kexec_elf_64.c
>> copy to kernel/kexec_elf.c
>> index ba4f18a43ee8..6e9f52171ede 100644
>> ---
Thiago Jung Bauermann writes:
> Sven Schnelle writes:
>
>> It's not used anywhere so just drop it.
>>
>> Signed-off-by: Sven Schnelle
>> ---
>> kernel/kexec_elf.c | 2 --
>> 1 file changed, 2 deletions(-)
>>
>> diff --git a/ke
nels, and also in ppc64 kexecing to both big-endian and
little-endian kernels so:
Tested-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
Hello Sven,
Just a few small comments below. Regardless of them:
Reviewed-by: Thiago Jung Bauermann
Sven Schnelle writes:
> Right now powerpc provides an implementation to read elf files
> with the kexec_file() syscall. Make that available as a public
Nit: the syscall is kexec_fil
Sven Schnelle writes:
> The powerpc version only supported 64 bit. Add some
> code to switch decoding of fields during runtime so
> we can kexec a 32 bit kernel from a 64 bit kernel and
> vice versa.
>
> Signed-off-by: Sven Schnelle
Reviewed-by: Thiago Jung Bauermann
fer(kbuf);
> if (ret)
> goto out;
> @@ -382,9 +382,6 @@ int kexec_elf_load(struct kimage *image, struct elfhdr
> *ehdr,
> lowest_addr = load_addr;
> }
>
> - /* Update entry point to reflect new load address.
-
> static inline bool elf_is_elf_file(const struct elfhdr *ehdr)
> {
> return memcmp(ehdr->e_ident, ELFMAG, SELFMAG) == 0;
Could you remove this one from the file in arch/powerpc as well? Perhaps
this and the previous patch could be placed before patch 1, so that this
change can be done
00644
> --- a/kernel/kexec_elf.c
> +++ b/kernel/kexec_elf.c
> @@ -8,8 +8,6 @@
> #include
> #include
>
> -#define PURGATORY_STACK_SIZE (16 * 1024)
> -
> #define elf_addr_to_cpu elf64_to_cpu
>
> #ifndef Elf_Rel
Can you remove it from the file in arch
Sven Schnelle writes:
> We're not using them, so we can drop the parsing.
>
> Signed-off-by: Sven Schnelle
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
Sven Schnelle writes:
> Change the order to have a 64/32/16 order, no functional change.
>
> Signed-off-by: Sven Schnelle
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
; + const __be32 *prop;
> + u64 size = 0;
> +
> + np = of_find_node_by_path("/ibm,ultravisor/ibm,uv-firmware");
> + if (!np)
> + goto out;
I believe that in general we try to avoid hard-coding the path when a
node is accessed and searched instead v
From: Ryan Grimm
Enables running as a secure guest in platforms with an Ultravisor.
Signed-off-by: Ryan Grimm
Signed-off-by: Ram Pai
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/configs/ppc64_defconfig | 1 +
arch/powerpc/configs/pseries_defconfig | 1 +
2 files changed, 2
-by: Claudio Carvalho
Signed-off-by: Thiago Jung Bauermann
---
Documentation/powerpc/ultravisor.rst | 1055 ++
1 file changed, 1055 insertions(+)
diff --git a/Documentation/powerpc/ultravisor.rst
b/Documentation/powerpc/ultravisor.rst
new file mode 100644
index
o the
ARCH_HAS_MEM_ENCRYPT hooks and call swiotlb_update_mem_attributes() to
convert SWIOTLB's memory pool to shared memory.
Signed-off-by: Anshuman Khandual
[ bauerman: Use ARCH_HAS_MEM_ENCRYPT hooks to share swiotlb memory pool. ]
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/mem_encr
Secure guest memory is inacessible to devices so regular DMA isn't
possible.
In that case set devices' dma_map_ops to NULL so that the generic
DMA code path will use SWIOTLB to bounce buffers for DMA.
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/platforms/pseries/io
, Ram Pai and Michael Anderson.
Signed-off-by: Sukadev Bhattiprolu
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/platforms/pseries/smp.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/platforms/pseries/smp.c
b/arch/powerpc/platforms/pseries/smp.c
ned-off-by: Ryan Grimm
Signed-off-by: Thiago Jung Bauermann
---
.../ABI/testing/sysfs-devices-system-cpu | 10 ++
arch/powerpc/kernel/sysfs.c | 20 +++
2 files changed, 30 insertions(+)
diff --git a/Documentation/ABI/testing/sysfs-devices-sys
, unsharing
of pages is skipped.
NOTE: While testing crashkernel, make sure at least 256M is reserved for
crashkernel. Otherwise SWIOTLB allocation will fail and crash kernel will
fail to boot.
Signed-off-by: Ram Pai
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/ultravisor
From: Anshuman Khandual
Secure guests need to share the DTL buffers with the hypervisor. To that
end, use a kmem_cache constructor which converts the underlying buddy
allocated SLUB cache pages into shared memory.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch
here.
Introduce helper is_svm_platform() which uses the S bit of the MSR to tell
whether we're running as a secure guest.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/svm.h | 26
arch/powerpc/kernel/paca.c
Helps document what the hard-coded number means.
Also take the opportunity to fix an #endif comment.
Suggested-by: Alexey Kardashevskiy
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/paca.c | 11 ++-
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/arch
|
+---+---+---+---+
| 0 | 1 | 1 | Problem (HV) |
+---+---+---+---+
Signed-off-by: Sukadev Bhattiprolu
Signed-off-by: Ram Pai
[ cclaudio: Update the commit message ]
Signed-off-by: Claudio Carvalho
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/reg.h
From: Ram Pai
These functions are used when the guest wants to grant the hypervisor
access to certain pages.
Signed-off-by: Ram Pai
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/ultravisor-api.h | 2 ++
arch/powerpc/include/asm/ultravisor.h | 24
itching to secure mode.
Signed-off-by: Ram Pai
[ andmike: Generate an RTAS os-term hcall when the ESM ucall fails. ]
Signed-off-by: Michael Anderson
[ bauerman: Cleaned up the code a bit. ]
Signed-off-by: Thiago Jung Bauermann
---
.../admin-guide/kernel-parameters.txt | 5 +
arch/power
e comments. ]
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/boot/main.c | 41 ++
arch/powerpc/boot/ops.h| 2 ++
arch/powerpc/boot/wrapper | 24 +---
arch/powerpc/boot/zImage.lds.S | 8 +++
4 files changed, 72 insert
Introduce CONFIG_PPC_SVM to control support for secure guests and include
Ultravisor-related helpers when it is selected
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/asm-prototypes.h | 2 +-
arch/powerpc/kernel/Makefile | 4 +++-
arch/powerpc/platforms
and UV_UNSHARE_PAGE
powerpc/pseries/svm: Unshare all pages before kexecing a new kernel
Ryan Grimm (2):
powerpc/pseries/svm: Export guest SVM status to user space via sysfs
powerpc/configs: Enable secure guest support in pseries and ppc64
defconfigs
Sukadev Bhattiprolu (3):
powerpc:
that reason, the ucall.S file is placed under
arch/powerpc/kernel.
If ultravisor is not enabled, the ucalls will be redirected to the
hypervisor which must handle/fail the call.
Thanks to inputs from Ram Pai and Michael Anderson.
Signed-off-by: Claudio Carvalho
Signed-off-by: Thiago Jung
Michael Ellerman writes:
> Thiago Jung Bauermann writes:
>> Michael Ellerman writes:
>>> Thiago Jung Bauermann writes:
>>>> From: Anshuman Khandual
>>>>
>>>> LPPACA structures need to be shared with the host. Hence they need to be i
Michael Ellerman writes:
> Thiago Jung Bauermann writes:
>> Michael Ellerman writes:
>>> Thiago Jung Bauermann writes:
>>>> From: Ryan Grimm
>>>> User space might want to know it's running in a secure VM. It can't do
>>>>
Michael Ellerman writes:
> Thiago Jung Bauermann writes:
>> From: Ryan Grimm
>>
>> User space might want to know it's running in a secure VM. It can't do
>> a mfmsr because mfmsr is a privileged instruction.
>>
>> The solution here is to crea
Michael Ellerman writes:
> Thiago Jung Bauermann writes:
>> From: Anshuman Khandual
>>
>> LPPACA structures need to be shared with the host. Hence they need to be in
>> shared memory. Instead of allocating individual chunks of memory for a
>> given structure
m...@ellerman.id.au writes:
> Thiago Jung Bauermann writes:
>> Hello,
>>
>> This version has only a small change in the last patch as requested by
>> Christoph and Halil, and collects Reviewed-by's.
>>
>> These patches are applied on top of v5.3-rc
Hello Christoph,
Thanks for your review.
Christoph Hellwig writes:
> On Tue, Aug 06, 2019 at 02:22:34AM -0300, Thiago Jung Bauermann wrote:
>> @@ -1318,7 +1319,10 @@ void iommu_init_early_pSeries(void)
>> of_reconfig_notifier_register(&am
From: Ryan Grimm
Enables running as a secure guest in platforms with an Ultravisor.
Signed-off-by: Ryan Grimm
Signed-off-by: Ram Pai
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/configs/ppc64_defconfig | 1 +
arch/powerpc/configs/pseries_defconfig | 1 +
2 files changed, 2
-by: Claudio Carvalho
Signed-off-by: Thiago Jung Bauermann
---
Documentation/powerpc/ultravisor.rst | 1048 ++
1 file changed, 1048 insertions(+)
diff --git a/Documentation/powerpc/ultravisor.rst
b/Documentation/powerpc/ultravisor.rst
new file mode 100644
index
o the
ARCH_HAS_MEM_ENCRYPT hooks and call swiotlb_update_mem_attributes() to
convert SWIOTLB's memory pool to shared memory.
Signed-off-by: Anshuman Khandual
[ bauerman: Use ARCH_HAS_MEM_ENCRYPT hooks to share swiotlb memory pool. ]
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/mem_encr
Secure guest memory is inacessible to devices so regular DMA isn't
possible.
In that case set devices' dma_map_ops to NULL so that the generic
DMA code path will use SWIOTLB and DMA to bounce buffers.
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/platforms/pseries/iommu.c | 6
, Ram Pai and Michael Anderson.
Signed-off-by: Sukadev Bhattiprolu
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/platforms/pseries/smp.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/platforms/pseries/smp.c
b/arch/powerpc/platforms/pseries/smp.c
0.
Signed-off-by: Ryan Grimm
Reviewed-by: Ram Pai
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/sysfs.c | 29 +
1 file changed, 29 insertions(+)
diff --git a/arch/powerpc/kernel/sysfs.c b/arch/powerpc/kernel/sysfs.c
index e2147d7c9e72..f7100ab77d29 10
, unsharing
of pages is skipped.
NOTE: While testing crashkernel, make sure at least 256M is reserved for
crashkernel. Otherwise SWIOTLB allocation will fail and crash kernel will
fail to boot.
Signed-off-by: Ram Pai
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/ultravisor
From: Anshuman Khandual
Secure guests need to share the DTL buffers with the hypervisor. To that
end, use a kmem_cache constructor which converts the underlying buddy
allocated SLUB cache pages into shared memory.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch
here.
Introduce helper is_svm_platform() which uses the S bit of the MSR to tell
whether we're running as a secure guest.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/svm.h | 26
arch/powerpc/kernel/paca.c
Helps document what the hard-coded number means.
Also take the opportunity to fix an #endif comment.
Suggested-by: Alexey Kardashevskiy
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/paca.c | 11 ++-
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/arch
userspace)
1 0 hypervisor ultravisor
1 1 problem reserved
Signed-off-by: Sukadev Bhattiprolu
Signed-off-by: Ram Pai
[ cclaudio: Update the commit message ]
Signed-off-by: Claudio Carvalho
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/reg.h | 3 +++
1
From: Ram Pai
These functions are used when the guest wants to grant the hypervisor
access to certain pages.
Signed-off-by: Ram Pai
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/ultravisor-api.h | 2 ++
arch/powerpc/include/asm/ultravisor.h | 24
itching to secure mode.
Signed-off-by: Ram Pai
[ andmike: Generate an RTAS os-term hcall when the ESM ucall fails. ]
Signed-off-by: Michael Anderson
[ bauerman: Cleaned up the code a bit. ]
Signed-off-by: Thiago Jung Bauermann
---
.../admin-guide/kernel-parameters.txt | 5 +
arch/power
e comments. ]
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/boot/main.c | 41 ++
arch/powerpc/boot/ops.h| 2 ++
arch/powerpc/boot/wrapper | 24 +---
arch/powerpc/boot/zImage.lds.S | 8 +++
4 files changed, 72 insert
Introduce CONFIG_PPC_SVM to control support for secure guests and include
Ultravisor-related helpers when it is selected
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/asm-prototypes.h | 2 +-
arch/powerpc/kernel/Makefile | 4 +++-
arch/powerpc/platforms
lpers for UV_SHARE_PAGE and UV_UNSHARE_PAGE
powerpc/pseries/svm: Unshare all pages before kexecing a new kernel
Ryan Grimm (2):
powerpc/pseries/svm: Export guest SVM status to user space via sysfs
powerpc/configs: Enable secure guest support in pseries and ppc64
defconfigs
Sukadev Bhattipr
, the ucall.S file is placed under
arch/powerpc/kernel.
If ultravisor is not enabled, the ucalls will be redirected to the
hypervisor which must handle/fail the call.
Thanks to inputs from Ram Pai and Michael Anderson.
Signed-off-by: Claudio Carvalho
Signed-off-by: Thiago Jung Bauermann
---
arch
All references to sev_active() were moved to arch/x86 so we don't need to
define it for s390 anymore.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Christoph Hellwig
Reviewed-by: Halil Pasic
---
arch/s390/include/asm/mem_encrypt.h | 1 -
arch/s390/mm/init.c | 7 +
erride
the generic weak implementation. To do that, it's necessary to make
read_from_oldmem() public so that it can be used outside of vmcore.c.
Also, remove the export for sev_active() since it's only used in files that
won't be built as modules.
Signed-off-by: Thiago Jung Bauerman
_psp_pa()) which can be built as a
module so its export needs to stay.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Christoph Hellwig
Reviewed-by: Tom Lendacky
---
arch/s390/include/asm/mem_encrypt.h | 4 +---
arch/x86/include/asm/mem_encrypt.h | 10 ++
arch/x86/mm/mem_encr
by: Thiago Jung Bauermann
Reviewed-by: Christoph Hellwig
Reviewed-by: Tom Lendacky
---
kernel/dma/swiotlb.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/kernel/dma/swiotlb.c b/kernel/dma/swiotlb.c
index 9de232229063..f29caad71e13 100644
--- a/kernel/dma/swiotlb.c
+++ b/
dma_check_mask().
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Christoph Hellwig
Reviewed-by: Tom Lendacky
---
kernel/dma/mapping.c | 8
1 file changed, 8 deletions(-)
diff --git a/kernel/dma/mapping.c b/kernel/dma/mapping.c
index 1f628e7ac709..61eeefbfcb36 100644
--- a/kernel/dma/
powerpc is also going to use this feature, so put it in a generic location.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Thomas Gleixner
Reviewed-by: Christoph Hellwig
---
arch/Kconfig | 3 +++
arch/s390/Kconfig | 4 +---
arch/x86/Kconfig | 4 +---
3 files changed, 5 insertions
Kconfig as well.
- Reworded patch title and message a little bit.
- Patch "DMA mapping: Move SME handling to x86-specific files"
- Adapt s390's as well.
- Remove dma_check_mask() from kernel/dma/mapping.c. Suggested by
Christoph Hellwig.
Thiago Jung Bauermann
Christopher M Riedl writes:
>> On July 30, 2019 at 4:31 PM Thiago Jung Bauermann
>> wrote:
>>
>>
>>
>> Christopher M. Riedl writes:
>>
>> > Determining if a processor is in shared processor mode is not a constant
>> > so don't
SPLPAR depends on CONFIG_PPC_PSERIES, which depends on
CONFIG_PPC_BOOK3S so the #ifdef above is unnecessary:
if CONFIG_PPC_BOOK3S is unset then CONFIG_PPC_SPLPAR will be unset as
well and the return expression should short-circuit to false.
--
Thiago Jung Bauermann
IBM Linux Technology Center
Hello Philipp,
Philipp Rudo writes:
> Hi Thiago,
>
> On Thu, 04 Jul 2019 15:57:34 -0300
> Thiago Jung Bauermann wrote:
>
>> Hello Philipp,
>>
>> Philipp Rudo writes:
>>
>> > Hi Thiago,
>> >
>> >
>>
rove the system]
>
> url:
> https://github.com/0day-ci/linux/commits/Thiago-Jung-Bauermann/Remove-x86-specific-code-from-generic-headers/20190715-063006
> config: s390-allnoconfig (attached as .config)
> compiler: s390-linux-gcc (GCC) 7.4.0
> reproduce:
> wget
> h
Hello Lianbo,
lijiang writes:
> 在 2019年07月19日 01:47, Lendacky, Thomas 写道:
>> On 7/17/19 10:28 PM, Thiago Jung Bauermann wrote:
>>> Secure Encrypted Virtualization is an x86-specific feature, so it shouldn't
>>> appear in generic kernel code because it
Lendacky, Thomas writes:
> On 7/18/19 2:44 PM, Thiago Jung Bauermann wrote:
>>
>> Lendacky, Thomas writes:
>>
>>> On 7/17/19 10:28 PM, Thiago Jung Bauermann wrote:
>>>> Hello,
>>>>
>>>> This version is mostly about splitt
Alexey Kardashevskiy writes:
> On 19/07/2019 07:28, Thiago Jung Bauermann wrote:
>>
>> Hello Segher,
>>
>> Thanks for your review and suggestions!
>>
>> Segher Boessenkool writes:
>>
>>> (Sorry to hijack your reply).
>>>
>>&
Hello Segher,
Thanks for your review and suggestions!
Segher Boessenkool writes:
> (Sorry to hijack your reply).
>
> On Thu, Jul 18, 2019 at 06:11:48PM +1000, Alexey Kardashevskiy wrote:
>> On 13/07/2019 16:00, Thiago Jung Bauermann wrote:
>> >From: Ram Pai
>>
Hello Alexey,
Thanks for your review!
Alexey Kardashevskiy writes:
> On 13/07/2019 16:00, Thiago Jung Bauermann wrote:
>> From: Ram Pai
>>
>> These functions are used when the guest wants to grant the hypervisor
>> access to certain pages.
>>
>> S
Thomas Gleixner writes:
> On Fri, 12 Jul 2019, Thiago Jung Bauermann wrote:
>> diff --git a/include/linux/mem_encrypt.h b/include/linux/mem_encrypt.h
>> index b310a9c18113..f2e399fb626b 100644
>> --- a/include/linux/mem_encrypt.h
>> +++ b/include/linux/mem_en
Lendacky, Thomas writes:
> On 7/17/19 10:28 PM, Thiago Jung Bauermann wrote:
>> Hello,
>>
>> This version is mostly about splitting up patch 2/3 into three separate
>> patches, as suggested by Christoph Hellwig. Two other changes are a fix in
>&g
ferred:
>
> Reviewed-by: Halil Pasic
Thanks for your review.
Here is the new version. Should I send a new patch series with this
patch and the Reviewed-by on the other ones?
--
Thiago Jung Bauermann
IBM Linux Technology Center
>From 1726205c73fb9e29feaa3d8909c5a1b0f2054c04 Mon
e();
>> +return is_prot_virt_guest();
>> }
>
> Do we want to keep the comment for force_dma_unencrypted?
>
> Otherwise looks good:
>
> Reviewed-by: Christoph Hellwig
Thank you for your review on al these patches.
--
Thiago Jung Bauermann
IBM Linux Technology Center
All references to sev_active() were moved to arch/x86 so we don't need to
define it for s390 anymore.
Signed-off-by: Thiago Jung Bauermann
---
arch/s390/include/asm/mem_encrypt.h | 1 -
arch/s390/mm/init.c | 8 +---
2 files changed, 1 insertion(+), 8 deletions(-)
diff
_psp_pa()) which can be built as a
module so its export needs to stay.
Signed-off-by: Thiago Jung Bauermann
---
arch/s390/include/asm/mem_encrypt.h | 4 +---
arch/x86/include/asm/mem_encrypt.h | 10 ++
arch/x86/mm/mem_encrypt.c | 1 -
include/linux/mem_encrypt.h |
erride
the generic weak implementation. To do that, it's necessary to make
read_from_oldmem() public so that it can be used outside of vmcore.c.
Also, remove the export for sev_active() since it's only used in files that
won't be built as modules.
Signed-off-by: Thiago Jung Bauerm
dma_check_mask().
Signed-off-by: Thiago Jung Bauermann
---
kernel/dma/mapping.c | 8
1 file changed, 8 deletions(-)
diff --git a/kernel/dma/mapping.c b/kernel/dma/mapping.c
index 1f628e7ac709..61eeefbfcb36 100644
--- a/kernel/dma/mapping.c
+++ b/kernel/dma/mapping.c
@@ -291,12
by: Thiago Jung Bauermann
---
kernel/dma/swiotlb.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/kernel/dma/swiotlb.c b/kernel/dma/swiotlb.c
index 62fa5a82a065..e52401f94e91 100644
--- a/kernel/dma/swiotlb.c
+++ b/kernel/dma/swiotlb.c
@@ -459,8 +459,7 @@ p
ve definition of ARCH_HAS_MEM_ENCRYPT from s390/Kconfig as well.
- Reworded patch title and message a little bit.
- Patch "DMA mapping: Move SME handling to x86-specific files"
- Adapt s390's as well.
- Remove dma_check_mask() from kernel/dma/mapping.c. Suggested by
Chri
powerpc is also going to use this feature, so put it in a generic location.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Thomas Gleixner
Reviewed-by: Christoph Hellwig
---
arch/Kconfig | 3 +++
arch/s390/Kconfig | 4 +---
arch/x86/Kconfig | 4 +---
3 files changed, 5 insertions
Michael S. Tsirkin writes:
> On Mon, Jul 15, 2019 at 07:03:03PM -0300, Thiago Jung Bauermann wrote:
>>
>> Michael S. Tsirkin writes:
>>
>> > On Mon, Jul 15, 2019 at 05:29:06PM -0300, Thiago Jung Bauermann wrote:
>> >>
>> >> Michael S.
Michael S. Tsirkin writes:
> On Mon, Jul 15, 2019 at 05:29:06PM -0300, Thiago Jung Bauermann wrote:
>>
>> Michael S. Tsirkin writes:
>>
>> > On Sun, Jul 14, 2019 at 02:51:18AM -0300, Thiago Jung Bauermann wrote:
>> >>
>> >>
>> &g
Michael S. Tsirkin writes:
> On Sun, Jul 14, 2019 at 02:51:18AM -0300, Thiago Jung Bauermann wrote:
>>
>>
>> Michael S. Tsirkin writes:
>>
>> > So this is what I would call this option:
>> >
>> > VIRTIO_F_ACCESS_PLATFORM_IDENTITY_ADDRE
ys and will then feed the dma-mapping fix to Linus,
> it might make sense to either rebase Thiagos series on top of the
> dma-mapping for-next branch, or wait a few days before reposting.
I'll rebase on top of dma-mapping/for-next and do the break up of patch
2 that you mentioned as well.
--
Thiago Jung Bauermann
IBM Linux Technology Center
Hello Janani,
Thanks for reviewing the patch.
janani writes:
> On 2019-07-12 23:45, Thiago Jung Bauermann wrote:
>> powerpc is also going to use this feature, so put it in a generic location.
>>
>> Signed-off-by: Thiago Jung Bauermann
>> Reviewed-by: Thomas Gleixn
Michael S. Tsirkin writes:
> On Thu, Jun 27, 2019 at 10:58:40PM -0300, Thiago Jung Bauermann wrote:
>>
>> Michael S. Tsirkin writes:
>>
>> > On Mon, Jun 03, 2019 at 10:13:59PM -0300, Thiago Jung Bauermann wrote:
>> >>
>> >>
>> >&
From: Ryan Grimm
Enables running as a secure guest in platforms with an Ultravisor.
Signed-off-by: Ryan Grimm
Signed-off-by: Ram Pai
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/configs/ppc64_defconfig | 1 +
arch/powerpc/configs/pseries_defconfig | 1 +
2 files changed, 2
o the
ARCH_HAS_MEM_ENCRYPT hooks and call swiotlb_update_mem_attributes() to
convert SWIOTLB's memory pool to shared memory.
Signed-off-by: Anshuman Khandual
[ bauerman: Use ARCH_HAS_MEM_ENCRYPT hooks to share swiotlb memory pool. ]
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/mem_encr
Secure guest memory is inacessible to devices so regular DMA isn't
possible.
In that case set devices' dma_map_ops to NULL so that the generic
DMA code path will use SWIOTLB and DMA to bounce buffers.
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/platforms/pseries/iommu.c | 6
101 - 200 of 817 matches
Mail list logo